Peter Bowen writes:
>As someone pointed out on Twitter this morning, it seems that the PSC
>notification for Startcom UK was filed recently:
>https://s3-eu-west-1.amazonaws.com/document-api-images-prod/docs/UdxHYAlFj6U9DNs6VBJdnIDv4IQAWd4YKYomMERO_2o/application-pdf
So if I'm reading that correc
Yeah, it's almost impossible to distrust all WoSign authority manually from
keychain access. WoSign has 28 root certs or intermediate certs signed by
other CAs, listed below. (List from
https://github.com/chengr28/RevokeChinaCerts/wiki/ReadMe_Online#about-certificates
)
Certification Authority of
Nick Lamb writes:
>On Tuesday, 6 September 2016 15:11:00 UTC+1, Peter Gutmann wrote:
>> Why would a public CA even need cross-certification from other CAs?
>
>Maybe this question has some subtlety to it that I'm missing?
OK, I really meant "that many other CAs". To take one example, the cross-
On Tuesday, 6 September 2016 15:11:00 UTC+1, Peter Gutmann wrote:
> Why would a public CA even need cross-certification from other CAs?
Maybe this question has some subtlety to it that I'm missing?
Acceptance into root trust stores is slow. Glacial in some cases. Mozilla has a
published process
y-pol...@lists.mozilla.org"
Subject: Re: [FORGED] Re: Incidents involving the CA WoSign
Message-ID: <1473170991071.38...@cs.auckland.ac.nz>
Content-Type: text/plain; charset="iso-8859-1"
Peter Bowen writes:
>In addition to the direct impact, I note that W
On 06/09/2016 16:10, Peter Gutmann wrote:
Peter Bowen writes:
In addition to the direct impact, I note that WoSign is the subject of cross-
signatures from a number of other CAs that chain back to roots in the Mozilla
program (or were in the program).
This is incredible, it's like a hydra.
On 06/09/16 15:10, Peter Gutmann wrote:
> Why would a public CA even need cross-certification from other CAs?
To inherit trust on legacy platforms that don't have an automatic root
update mechanism.
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
___
Peter Bowen writes:
>In addition to the direct impact, I note that WoSign is the subject of cross-
>signatures from a number of other CAs that chain back to roots in the Mozilla
>program (or were in the program).
This is incredible, it's like a hydra. Do the BRs say anything about this
type of
Eddy Nigg writes:
>On 09/04/2016 09:20 AM, Peter Gutmann wrote:
>> This is great stuff, it's like watching a rerun of Diginotar
>
>.says the audience on the backbenches gleefully
Well, it doesn't exactly paint the best picture of a competently-run CA, same
as Diginotar, and the progressio
On 09/04/2016 09:20 AM, Peter Gutmann wrote:
Peter Bowen writes:
It was brought to my attention that there is another incident.
This is great stuff, it's like watching a rerun of Diginotar
.says the audience on the backbenches gleefully
but no, what are you talking about?? Even
Peter Bowen writes:
>It was brought to my attention that there is another incident.
This is great stuff, it's like watching a rerun of Diginotar. Definitely the
best web soap in the last few weeks...
Peter.
___
dev-security-policy mailing list
dev-s
11 matches
Mail list logo